Fkbug's repositories
ENScan_GO
一款基于各大企业信息API的工具,解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。
ligolo-ng
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
gosint
Gosint is a distributed asset information collection and vulnerability scanning platform
KaynLdr
KaynLdr is a Reflective Loader written in C/ASM
Log4PowerShell
A Log4j PoC written in PowerShell
xTools
xTools,一个辅助小工具
Vm4J
A tool for detect&exploit vmware product log4j vulnerability.
HackJava
《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.
malware-samples-1
Malware samples, analysis exercises and other interesting resources.
Medusa
:cat2:Medusa是一个红队武器库平台,目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能,持续开发中
CVE-2021-44228-Scanner
Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228
leetcode
😏 LeetCode solutions in any programming language | 多种编程语言实现 LeetCode、《剑指 Offer(第 2 版)》、《程序员面试金典(第 6 版)》题解
JNDIExploit-1
from https://github.com/feihong-cs/JNDIExploit
lsassy
Extract credentials from lsass remotely
Proxy-Attackchain
proxylogon, proxyshell, proxyoracle and proxytoken full chain exploit tool
reapoc
OpenSource Poc && Vulnerable-Target Storage Box.
SSRFire
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
Go365
An Office365 User Attack Tool
Doge-AMSI-patch
golang amsi bypass
tabby
A CAT called tabby ( Code Analysis Tool )
SiteScan
专注一站化解决渗透测试的信息收集任务,功能包括域名ip历史解析、nmap常见端口爆破、子域名信息收集、旁站信息收集、whois信息收集、网站架构分析、cms解析、备案信息收集、CDN信息解析、是否存在waf检测、后台寻找以及生成检测结果html报告表。
OffensiveAutoIt
Offensive tooling notes and experiments in AutoIt v3 (https://www.autoitscript.com/site/autoit/)
hostscan
自动化Host碰撞工具,帮助红队快速扩展网络边界,获取更多目标点
PowerShell-Suite
My musings with PowerShell
CodeInspector
Java自动化代码审计工具半成品,基于Java ASM技术模拟JVM中Operand Stack和Local Variables实现数据流分析
phoneinfoga
Information gathering & OSINT framework for phone numbers